Create the script string.
the script
Re-instate inheritance of path permission assignments from parents of the given path.
the path
this builder, modified to re-instate the inheritance of path permission assignments from parents of the given path
Set a path not to inherit path permissions from its parent paths or the default path permissions.
By default, a path without specific SecurityScriptBuilder.setPathPermissions path permission assignments inherits the permission assignments from the first parent path that has them. If neither the path nor any of its parent paths have permission assignments, the default path permissions are used.
the path
this builder, modified to isolate the given path in the path hierarchy
Remove any previously assigned permissions from a particular path for a given role.
This is different from setting no permissions to a path. By removing permissions set for a path, permissions will be inherited from the nearest set of permissions that have been assigned higher in the path hierarchy or from the default path permissions if no more specific permissions are found.
the role to remove path permissions from.
the path path to remove permissions from.
the builder to allow chaining
Set the default permissions that a particular role will have for paths.
the role to set path permissions for.
the path permissions to assign for the role,
default = []
.
the builder to allow chaining
Set the global permissions assigned to a particular role.
the role to set global permissions for.
the permissions to assign globally for a role,
default = []
.
the builder to allow chaining
Sets specific path permissions for a named role.
When permissions are assigned to a role for a path they will apply to the path and any paths below the specified path. Path-scoped permissions are assigned to roles for specific paths. The permission assignment applies to all descendant paths, unless there is a more specific assignment.
To evaluate whether a session has permission for a path, the server starts at that path and searches up the tree to find the nearest permissions assignment. The first assignment is the only one considered, even if the session has roles involved in assignments further up the hierarchy.
the role to assign permissions for.
the path to assign permissions.
the permissions to assign to the role for the specified path. Any empty array (the default) or no argument would specify that the role has no permissions at this path, which differs from there being no permissions assigned for that path (see SecurityScriptBuilder.removePathPermissions).
the builder to allow chaining
Specify a set of a roles that another role should inherit permissions from.
the role
the set of roles to inherit from.
the builder to allow chaining
Restrict a role so it can only be edited by a specific principal.
the role
the locking principal
this builder, modified to lock a role to a single principal that can edit it
Sets the roles to be assigned by default to all anonymous sessions.
the builder to allow chaining
Sets the roles to be assigned by default to all sessions that authenticate with a principal.
the roles to be assigned. Any empty array (the default), or no argument, will result in named sessions being assigned no roles by default.
the builder to allow chaining
A builder that can be used to create scripts for use with updateSecurityStore.
Facilitates producing scripts that control the assignment of permissions to roles. From Diffusion 6.5, script builders are no longer immutable. Each builder operation mutates this script builder and returns it.